Back

CVE-2024-8906

Sept. 17, 2024, 9:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Google Chrome

  • before 129.0.6668.58

Source

chrome-cve-admin@google.com

Tags

chrome-cve-admin@google.com
2024-09-17
CVE-2024-8906

CVE-2024-8906 details

Published : Sept. 17, 2024, 9:15 p.m.
Last Modified : Sept. 17, 2024, 9:15 p.m.

Description

Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html chrome-cve-admin@google.com
https://issues.chromium.org/issues/352681108 chrome-cve-admin@google.com
This website uses the NVD API, but is not approved or certified by it.